We propose a protocol based on pulse-position modulation and multi-level coding that allows one to bootstrap traditional quantum key distribution protocols while ensuring covertness, in the sense that no statistical test by the adversary can detect the presence of communication over the quantum channel better than a random guess. When run over a bosonic channel, our protocol can leverage existing discrete-modulated continuous-variable protocols. Since existing techniques to bound Eve's information do not directly apply, we develop a new bound that results in positive, although very low, throughput for a range of channel parameters. The analysis of the protocol performance shows that covert secret key expansion is possible using a public authenticated classical channel and a quantum channel largely but not fully under the control of an adversary, which we precisely define. We also establish a converse result showing that, under the golden standard of quantum key distribution, by which the adversary completely controls the quantum channel, no covert key generation is possible.